Saturday, September 26, 2015

ms dos - Securely erase empty disk space on a Win 3.1 / DOS 6.22 system with builtin tools


I have a retro laptop from 1994, an IBM Thinkpad 340, which I want to give away, but first want to securely erase its deleted files.


The system contains both a GUI and CLI undelete application, which lists previously deleted files and their respective chances for recovery according to how many clusters are intact.


I am looking for a solution like the cipher or sdelete on newer Windows systems to overwrite the empty disk portions with multiple zero/random write passes with tools built into stock Windows 3.1 with DOS 6.22.


I want to avoid having to install anything extra or booting a maintenance OS from floppy disk, as I have no easy data interface to that retro device at hand: No networking on the retro laptop, no floppy disks on any of my current devices, and I want to avoid buying a USB floppy drive.


If I get no software solution or no USB floppy drive, I’d have to resort to a hardware solution: Disassemble the retro laptop. Get the hard disk drive out. Connect the hard disk drive via my USB-ATA/IDE bridge (adapter/converter) to a host computer with the tools of my choice. But I'd like to avoid such an invasive operation with that luckily still functional retro laptop.


Google yields no useful software utility infos on those legacy pre-WWW systems. I'd appreciate a hint from anyone with experiences in that old systems/devices!




This is how I solved my issue in practice


1) Overwrite with random data: I used File Manager to duplicate c:\windows\system content into dummy directory c:\aa several times plus some remainder data until File Manager showed 0KB free for c:\. Then repeated delete-duplicate-cycles to achieve about 7 complete overwrites in total. Finally deleted the bogus directory. — Compliments to @KodyBrown


2) Overwrite with zeros: Bought a USB floppy (6€, 2nd hand) for my contemporary laptop and created a bootable floppy disk with KillDisk for DOS v4.1 (final version from 2008, no further development). Booted into KillDisk and wiped the unused disk space with zeros. This way any possible future data recovery attempts have a better chance finding valid instead of bogus data. For confirmation I watched the raw disk data and the empty portions indeed were properly filled with null data (0x00).


Nevertheless I am still curious in the original theoretical issue


For geek pride and other interested users without a floppy drive. I still would appreciate a working DOS 6.22 shell script which can properly fill the disk remainder with several random data passes and a final null data pass. Am offering to test it and give feedback. In the use case one has no data interface to the retro device (no network, no floppy) and thus has to manually type it in. Reminding of the microcomputer days in the 1980ies with source code in computer magazines. Charming! ;-)


Answer



A simple way to accomplish this, is to copy the Windows directory over and over, just making additional copies of it, until you run out of space. Delete the copies you just created. Then do it again as many times as you feel necessary (passes).


This is effectively overwriting all free space on the disk.


UPDATED:


Here is a batch file to automate the process. I tested it on an old version of FreeDOS running in a VMware guest. I think it should work on DOS 5 and newer.


Put this file at the root of your C: drive (ie: C:\CLEAN.BAT) and run it from there.


Each time it is run, it will "overwrite" once. Then you must delete all the files in the C:\TMP directory to free up the space (C:\TMP>DEL *.*). (I didn't want the batch file to delete any files on its own, just in case.)


You can run it as many times as you feel is necessary. Each time you run it is a single overwrite, so you might want to run it a couple or three times to be safe.


CLEAN.BAT


@ECHO OFF
IF "%1"=="" GOTO :INIT
:PARSE
SET ARG1=%1
SET ARG2=%2
SET ARG3=%3
SET ARG4=%4
IF NOT "%4"=="" GOTO :LAST
IF NOT "%3"=="" GOTO :LOOP4
IF NOT "%2"=="" GOTO :LOOP3
IF NOT "%1"=="" GOTO :LOOP2
:INIT
C:
CD\
IF NOT EXIST "C:\TMP\" MKDIR C:\TMP >NUL
CHDIR C:\TMP
COPY C:\WINDOWS\SETUP.EXE SETUP.EXE >NUL
COPY SETUP.EXE+SETUP.EXE FILE.0 >NUL
:LOOP1
FOR %%E IN (A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 1 2 3 4 5 6 7 8 9 0) DO CALL C:\CLEAN.BAT %%E
GOTO :END
:LOOP2
FOR %%F IN (A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 1 2 3 4 5 6 7 8 9 0) DO CALL C:\CLEAN.BAT %ARG1% %%F
GOTO :END
:LOOP3
FOR %%G IN (A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 1 2 3 4 5 6 7 8 9 0) DO CALL C:\CLEAN.BAT %ARG1% %ARG2% %%G
GOTO :END
:LOOP4
FOR %%H IN (A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 1 2 3 4 5 6 7 8 9 0) DO CALL C:\CLEAN.BAT %ARG1% %ARG2% %ARG3% %%H
GOTO :END
:LAST
COPY FILE.0 F%ARG1%%ARG2%%ARG3%%ARG4%.0
IF NOT "%ERRORLEVEL%"=="0" EXIT
GOTO :END
:END

The SETUP.EXE file in my Windows 3.1 directory is just under 500KB. To speed the process up a bit, I copy it (twice) to a new file and use it, so the process will effectively wipe all but about 950KB of the drive. You can pick a smaller file to get more granular, but you may run into issues with having too many files in a single directory.


Also, FreeDOS doesn't change the errorlevel when a copy operation fails. MSDOS has always been good about the errorlevel responses, so you shouldn't run in to that. If it does start saying it failed to copy the temporary file because of disk space, you can safely stop (Ctrl+C) the process.


No comments:

Post a Comment

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...